mirror of
https://github.com/bol-van/zapret.git
synced 2024-11-30 05:50:53 +03:00
blockcheck: separate LINKLOCAL and LOCALHOST
This commit is contained in:
parent
353d34a425
commit
f892b625d2
@ -128,12 +128,12 @@ mpf_tpws_anchor()
|
||||
# $1 - port
|
||||
case "$IPV" in
|
||||
4)
|
||||
echo "rdr pass on $LO_IFACE inet proto tcp from \!127.0.0.0/8 to any port $1 -> $LOCALHOST port $TPPORT"
|
||||
echo "pass out route-to ($LO_IFACE $LOCALHOST) inet proto tcp from any to any port $1 user { >root }"
|
||||
echo "rdr pass on $LO_IFACE inet proto tcp from \!127.0.0.0/8 to any port $1 -> $LINKLOCAL port $TPPORT"
|
||||
echo "pass out route-to ($LO_IFACE $LINKLOCAL) inet proto tcp from any to any port $1 user { >root }"
|
||||
;;
|
||||
6)
|
||||
echo "rdr pass on $LO_IFACE inet6 proto tcp from \!::1 to any port $1 -> $LOCALHOST port $TPPORT"
|
||||
echo "pass out route-to ($LO_IFACE $LOCALHOST) inet6 proto tcp from any to any port $1 user { >root }"
|
||||
echo "rdr pass on $LO_IFACE inet6 proto tcp from \!::1 to any port $1 -> $LINKLOCAL port $TPPORT"
|
||||
echo "pass out route-to ($LO_IFACE $LINKLOCAL) inet6 proto tcp from any to any port $1 user { >root }"
|
||||
;;
|
||||
esac
|
||||
}
|
||||
@ -373,7 +373,7 @@ curl_translate_code()
|
||||
curl_supports_tls13()
|
||||
{
|
||||
local r
|
||||
curl --tlsv1.3 -Is -o /dev/null http://$LOCALHOST_IPT:65535 2>/dev/null
|
||||
curl --tlsv1.3 -Is -o /dev/null http://127.0.0.1:65535 2>/dev/null
|
||||
# return code 2 = init failed. likely bad command line options
|
||||
[ $? = 2 ] && return 1
|
||||
# curl can have tlsv1.3 key present but ssl library without TLS 1.3 support
|
||||
@ -388,7 +388,7 @@ curl_supports_tlsmax()
|
||||
# supported only in OpenSSL and LibreSSL
|
||||
curl --version | grep -Fq -e OpenSSL -e LibreSSL -e GnuTLS || return 1
|
||||
# supported since curl 7.54
|
||||
curl --tls-max 1.2 -Is -o /dev/null http://$LOCALHOST_IPT:65535 2>/dev/null
|
||||
curl --tls-max 1.2 -Is -o /dev/null http://127.0.0.1:65535 2>/dev/null
|
||||
# return code 2 = init failed. likely bad command line options
|
||||
[ $? != 2 ]
|
||||
}
|
||||
@ -584,7 +584,7 @@ pktws_start()
|
||||
}
|
||||
tpws_start()
|
||||
{
|
||||
"$TPWS" --uid $TPWS_UID:$TPWS_GID --bind-addr=$LOCALHOST%$LO_IFACE --port=$TPPORT "$@" >/dev/null &
|
||||
"$TPWS" --uid $TPWS_UID:$TPWS_GID --bind-addr=$LINKLOCAL%$LO_IFACE --port=$TPPORT "$@" >/dev/null &
|
||||
PID=$!
|
||||
# give some time to initialize
|
||||
minsleep
|
||||
@ -924,13 +924,17 @@ configure_ip_version()
|
||||
{
|
||||
if [ "$IPV" = 6 ]; then
|
||||
LOCALHOST=::1
|
||||
[ "$UNAME" = Darwin ] && LOCALHOST=fe80::1
|
||||
LOCALHOST_IPT=[${LOCALHOST}]
|
||||
LINKLOCAL=$LOCALHOST
|
||||
[ "$UNAME" = Darwin ] && LINKLOCAL=fe80::1
|
||||
LINKLOCAL_IPT=[${LINKLOCAL}]
|
||||
IPVV=6
|
||||
else
|
||||
IPTABLES=iptables
|
||||
LOCALHOST=127.0.0.1
|
||||
LOCALHOST_IPT=$LOCALHOST
|
||||
LINKLOCAL=$LOCALHOST
|
||||
LINKLOCAL_IPT=$LINKLOCAL
|
||||
IPVV=
|
||||
fi
|
||||
IPTABLES=ip${IPVV}tables
|
||||
|
Loading…
Reference in New Issue
Block a user